That said, if avast! were to have any sort of automatic sandboxing of unsigned/un-whitelisted files, the idea of having different options or settings for "noobs", advanced users, etc, could be addressed something like this.
Logging in as a user with Admin or Power User privileges, avast! would prompt to say,
"Unsigned/un-whitelisted files will be virtualized by default. Tick the box to switch this feature off."
Logging in as Standard User, no prompt, no default virtualization. Limited user privileges should (at least on Windows 6 & 7) be sufficient to protect the system.
Any comments?
I liked this idea very much. I don't think avast should aware the users, but, indeed, it (the sandboxing) could work only in admin accounts. Very good point.
Glad you liked it.
For many people who just want to, or have to, use a PC, effective AV protection is proportional to their threshold of annoyance/patience. If they think the AV is making their PC slow down, or boxes with questions they don't understand keep popping up, they'll just click anything to get rid of the message or turn the protection off.
Like everything devised by human beings, AV protection is a compromise. User friendliness and the quest for usability will generally result in a level of allowable risk being tolerated. Sandboxing by default aims to reduce this risk by taking more responsibility away from the user and putting it in the hands of a what is essentially a glorified IF, THEN, ELSE engine, albeit a highly developed and multifaceted one. Such an idea might seem attractive at first, especially if your product has a reputation for annoying popups (insert CIS experience here
) but in the end it may turn out to be just as frustrating for the user as the cryptic warning popups it was supposed to diminish.
As for avast! users who are not accustomed to their PC seesions being interrupted by questions from their AV, the implementation of such a measure would need to be faultless.
A false sandboxing is an FP, a legit program that may not work properly sandboxed.